{
"force-delete-results-dir": true,
"quandary-sources": [
{
"procedure": "__infer_taint_source",
"kind": "Other"
},
{
"procedure": "basics::Obj::method_source",
"kind": "Other"
},
{
"procedure": "basics::Obj::static_source",
"kind": "Other"
},
{
"procedure": "basics::template_source",
"kind": "Other"
},
{
"procedure": "basics::Obj::string_source",
"kind": "Other"
},
{
"procedure": "basics::Obj::taint_arg_source",
"kind": "Other",
"index": "0"
},
{
"procedure": "allocs::allocation_source",
"kind": "EnvironmentVariable"
}
],
"quandary-sinks": [
{
"procedure": "__infer_taint_sink",
"kind": "Other",
"index": "0"
},
{
"procedure": "__infer_sql_sink",
"kind": "SQLInjection",
"index": "all"
},
{
"procedure": "__infer_sql_read_sink",
"kind": "SQLRead",
"index": "all"
},
{
"procedure": "__infer_sql_write_sink",
"kind": "SQLWrite",
"index": "all"
},
{
"procedure": "__infer_url_sink",
"kind": "URL",
"index": "all"
},
{
"procedure": "basics::Obj::method_sink",
"kind": "Other",
"index": "1"
},
{
"procedure": "basics::Obj::static_sink",
"kind": "Other",
"index": "0"
},
{
"procedure": "basics::template_sink",
"kind": "Other",
"index": "0"
},
{
"procedure": "basics::Obj::string_sink",
"kind": "Other",
"index": "1"
}
],
"quandary-sanitizers": [
{
"procedure": "__infer_all_sanitizer",
"kind": "All"
},
{
"procedure": "__infer_shell_sanitizer",
"kind": "EscapeShell"
},
{
"procedure": "__infer_sql_sanitizer",
"kind": "EscapeSQL"
},
{
"procedure": "__infer_url_sanitizer",
"kind": "EscapeURL"
},
{
"procedure": "basics::Obj::sanitizer1"
},
{
"procedure": "basics::Obj::sanitizer2"
}
],
"quandary-endpoints": [
"basics::Obj::endpoint",
"endpoints::Service1::user_controlled_endpoint_to_sql_bad",
"endpoints::Service1::user_controlled_endpoint_to_shell_bad",
"execs::Obj::endpoint"
]
}